Start of Content Area

Procedure documentation Setting Up Reporting Authorizations  Locate the document in its SAP Library structure

Use

Before you are able to set up reporting authorizations, you have to create authorization objects.

Note

As soon as an authorization object is saved, it can be checked when a query is run. The user may not have the appropriate authorizations if he or she has not yet been assigned this authorization object.

Only when the user has been assigned the appropriate authorizations can he/she define and execute a query or navigate in an existing query.

Note

If in the query a characteristic value or a node is excluded, a complete authorization check “*” is required.

Procedure

Creating an authorization object

...

       1.      In the SAP Easy Access initial screen of the SAP Business Information Warehouse, choose the path SAP Menu Business Explorer Authorizations Reporting Authorization Objects.

       2.      Choose Authorization Object Create. Give the authorization object a technical name and a regular name. Save your entries.

       3.      On the right-hand side of the screen, an overview of all the InfoObjects that are authorization-relevant is displayed.

Note

Only those characteristics that have been flagged as authorization-relevant previously in the InfoObject maintenance screen can be assigned as fields for an authorization object. See also: Creating InfoObjects: Characteristics

       4.      Assign the InfoObject fields to the authorization object:

¡        Select the characteristics for which you want an authorization check of the selection conditions to be carried out.

¡        Select the InfoObject key figure (1KYFNM) if you want to restrict the authorization to a single key figure.

¡        Select the InfoObject (0TCTAUTHH) if you want to check authorizations for a hierarchy.

¡        Include the authorization field activity (ACTVT) in the authorization object if you want to check authorizations for documents.

       5.      Save your entries.

       6.      Go back to the initial screen of the authorization maintenance.

       7.      Choose Check for InfoProviders Display to get a list of the InfoProviders that contain the InfoObjects that you selected and are therefore subject to an authorization check (where-used list). In the change mode you can exclude individual InfoProviders from the authorization check for this authorization object by removing the flag.

 

This graphic is explained in the accompanying text

Authorization object:           S_RSRSAREA

Name:                   Sales area

Fields:                         DIVISION, CUSTGROUP, 1KYFNM

 

Creating authorizations

Authorizations are created and maintained in the role maintenance screens.

...

       1.      Choose Authorizations Roles Change.

       2.      Specify the roles that you want to change and choose Change. This takes you to the role maintenance screen.

       3.      On the Authorizations tabstrip, choose the Expert mode for generating profiles option.

       4.      Choose the Enter Authorization Objects Manually option, and specify the objects that you require. Choose Enter. The authorization object is added to the role.

       5.      Choose Generate.

For more information, see Changing and Assigning Roles.

 

Result

The user is now able to work with queries.

See also:

Authorizations for Working with a Query

 

 

End of Content Area